Qlockify/qlockify-backend-deployment
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(users): add google oauth login flow

Browse Source
This commit is contained in:
Amirhossein Khalili
2026-05-01 01:54:02 +03:30
parent 99eb4c2594
commit fb15a16204
10 changed files with 815 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

206
apps/users/tests/test_api_views.py
View File

@@ -8,7 +8,7 @@ from rest_framework import status
from rest_framework.test import APITestCase
from apps.users.api.views import RegisterWithPasswordView
from apps.users.models import User
from apps.users.models import User, UserSocialAccount
class UserApiViewTests(APITestCase):
@@ -386,3 +386,207 @@ class UserThrottleTests(APITestCase):
self.assertEqual(first.status_code, 400)
self.assertEqual(second.status_code, 429)
@override_settings(
GOOGLE_OAUTH_CLIENT_ID="google-client-id",
GOOGLE_OAUTH_CLIENT_SECRET="google-client-secret",
GOOGLE_OAUTH_REDIRECT_URI="http://testserver/api/users/oauth/google/callback/",
GOOGLE_OAUTH_FRONTEND_CALLBACK_URL="http://localhost:5173/auth/google/callback",
)
class GoogleOAuthApiTests(APITestCase):
@classmethod
def setUpTestData(cls):
cls.user = User.objects.create_user(
mobile="09125550001",
password="secret123",
first_name="Google",
last_name="Linked",
)
def setUp(self):
cache.clear()
def tearDown(self):
cache.clear()
def test_google_start_redirects_to_google_authorization_url(self):
response = self.client.get("/api/users/oauth/google/start/")
self.assertEqual(response.status_code, 302)
self.assertIn("accounts.google.com", response["Location"])
self.assertIn("state=", response["Location"])
@patch("apps.users.api.views.exchange_code_for_google_profile")
def test_google_callback_redirects_with_authenticated_flow_for_linked_account(
self,
exchange_code_for_google_profile,
):
exchange_code_for_google_profile.return_value = type(
"Profile",
(),
{
"provider_user_id": "google-sub-1",
"email": "linked@example.com",
"email_verified": True,
"first_name": "Google",
"last_name": "Linked",
"avatar_url": "https://example.com/avatar.png",
},
)()
UserSocialAccount.objects.create(
user=self.user,
provider=UserSocialAccount.ProviderType.GOOGLE,
provider_user_id="google-sub-1",
email="linked@example.com",
email_verified=True,
avatar_url="https://example.com/avatar.png",
)
start_response = self.client.get("/api/users/oauth/google/start/")
state = start_response["Location"].split("state=", 1)[1].split("&", 1)[0]
response = self.client.get(
f"/api/users/oauth/google/callback/?state={state}&code=google-code",
)
self.assertEqual(response.status_code, 302)
self.assertIn("/auth/google/callback?flow=", response["Location"])
flow = response["Location"].split("flow=", 1)[1]
flow_response = self.client.get(f"/api/users/oauth/google/flow/?flow={flow}")
self.assertEqual(flow_response.status_code, 200)
self.assertEqual(flow_response.data["status"], "authenticated")
self.assertIn("access", flow_response.data)
self.assertIn("refresh", flow_response.data)
@patch("apps.users.api.views.exchange_code_for_google_profile")
def test_google_callback_redirects_with_mobile_collection_flow_for_new_account(
self,
exchange_code_for_google_profile,
):
exchange_code_for_google_profile.return_value = type(
"Profile",
(),
{
"provider_user_id": "google-sub-2",
"email": "new@example.com",
"email_verified": True,
"first_name": "New",
"last_name": "User",
"avatar_url": "https://example.com/new-avatar.png",
},
)()
start_response = self.client.get("/api/users/oauth/google/start/")
state = start_response["Location"].split("state=", 1)[1].split("&", 1)[0]
response = self.client.get(
f"/api/users/oauth/google/callback/?state={state}&code=google-code",
)
flow = response["Location"].split("flow=", 1)[1]
flow_response = self.client.get(f"/api/users/oauth/google/flow/?flow={flow}")
self.assertEqual(flow_response.status_code, 200)
self.assertEqual(flow_response.data["status"], "collect_mobile")
self.assertEqual(flow_response.data["email"], "new@example.com")
@patch("apps.users.services.google_oauth.generate_and_send_otp")
def test_google_complete_existing_mobile_moves_flow_to_claim_required(self, generate_and_send_otp):
cache.set(
"google_oauth_flow:test-flow",
{
"status": "collect_mobile",
"google_profile": {
"provider_user_id": "google-sub-3",
"email": "existing@example.com",
"email_verified": True,
"first_name": "Existing",
"last_name": "User",
"avatar_url": "https://example.com/existing.png",
},
"email": "existing@example.com",
"first_name": "Existing",
"last_name": "User",
"avatar_url": "https://example.com/existing.png",
},
900,
)
response = self.client.post(
"/api/users/oauth/google/complete/",
{"flow": "test-flow", "mobile": self.user.mobile},
format="json",
)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data["status"], "claim_required")
generate_and_send_otp.assert_called_once_with(self.user.mobile, "login")
def test_google_complete_new_mobile_creates_user_and_link(self):
cache.set(
"google_oauth_flow:new-flow",
{
"status": "collect_mobile",
"google_profile": {
"provider_user_id": "google-sub-4",
"email": "created@example.com",
"email_verified": True,
"first_name": "Created",
"last_name": "User",
"avatar_url": "https://example.com/created.png",
},
"email": "created@example.com",
"first_name": "Created",
"last_name": "User",
"avatar_url": "https://example.com/created.png",
},
900,
)
response = self.client.post(
"/api/users/oauth/google/complete/",
{"flow": "new-flow", "mobile": "09125550009"},
format="json",
)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data["status"], "authenticated")
created_user = User.objects.get(mobile="09125550009")
self.assertFalse(created_user.has_usable_password())
self.assertTrue(
UserSocialAccount.objects.filter(
user=created_user,
provider=UserSocialAccount.ProviderType.GOOGLE,
provider_user_id="google-sub-4",
).exists()
)
@patch("apps.users.api.views.send_google_claim_otp")
def test_google_claim_send_otp_endpoint_dispatches(self, send_google_claim_otp):
send_google_claim_otp.return_value = {"detail": "Verification code sent successfully."}
response = self.client.post(
"/api/users/oauth/google/claim/send-otp/",
{"flow": "claim-flow"},
format="json",
)
self.assertEqual(response.status_code, 200)
send_google_claim_otp.assert_called_once_with("claim-flow")
@patch("apps.users.api.views.verify_google_claim")
def test_google_claim_verify_returns_tokens(self, verify_google_claim):
verify_google_claim.return_value = {"status": "authenticated", "access": "a", "refresh": "r"}
response = self.client.post(
"/api/users/oauth/google/claim/verify/",
{"flow": "claim-flow", "code": "12345"},
format="json",
)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data["access"], "a")
verify_google_claim.assert_called_once_with(flow="claim-flow", code="12345")